IPSEC VPN client cannot ping internal LAN devices and not getting IP address assigned by DHCP server.

brian-jamieson
Level 1

We have a CISCO RV130W set up as an IPSEC VPN server that we can connect to using the ShrewSoft client. Once connected, there is no issue in pinging the router. DHCP on the router is set as a relay to our internal DHCP server, which has a scope assigned for non-static clients. The IPSEC client can connect to and manage the router without issue, but cannot ping anything inside the local subnet and is not receiving an address from the DHCP server.

Would there be an issue with the router setup, the ShrewSoft client setup, or perhaps with the DHCP scope options?

3 Replies

Kremena Ivanova
Cisco Employee

Hello,

 

The ShrewSoft client will not receive an IP from the internal DHCP server. These are broadcast packets, which will not pass through the tunnel.

One thing to consider when the LAN users are not reachable by the client: the RV130 should be the gateway for the LAN users.

Second thing to check: in the Shrew VPN configuration window, under Policy, set Policy Generation Level to Required, uncheck both ticks, and in Remote Network Resource add the RV130 LAN subnet range.

 

This is not all, but most common...

Regards,

Kremena

Thank you for your comments, Kremena.

1) The RV130 is the gateway for LAN users

2) The Shrew config Policy Generation Level is 'Required', both checkboxes are not checked, and our LAN subnet and mask is correctly entered.

 

I can establish a VPN Shrew connection to the RV130 and then ping its internal gateway (192.168.xx.1) but still cannot ping any other systems on the internal LAN. Also, the PC I'm using with the Shrew client does not get assigned an IP for the remote LAN.

Brian

 

Hello,

I wanted to follow up with you and see if you were able to resolve the issue or if you are still having problems.

While checking your case I noticed a few things:

1- It is absolutely normal, as it is the expected behavior, for the client not to receive an IP address from the DHCP server on the network. This is by no means an issue, and you can confirm it because if there was a problem, you wouldn't be able to configure the router over the VPN.

2- I understand you are having issues pinging; how about other types of traffic? Can you, let's say, connect via remote desktop using the tunnel?

Sometimes the issue is as simple as disabling the firewall on the LAN PCs so that they will accept the traffic.

3- As a test, you can try using the built-in PPTP server and see if you are able to reach the devices on the LAN using that method.

Here is a link to a document explaining how to configure the PPTP VPN.

http://sbkb.cisco.com/CiscoSB/ukp.aspx?vw=1&docid=94d2e56c5e464cfa9321e10c3e487bdd_Add_VPN_Users_to_a_PPTP_VPN_Server_on_RV130_and_RV130W.xml&pid=2&respid=0&snid=4&dispid=0&cpage=search

Please let us know.